Re: Too many connections on the same IP

2015-03-06 Thread John Wobus
Re firewalls: I've been forced to adjust firewall rules to be stateless to get busy DNS servers to work. If the state table is filling, that's easy to check. Stateless rules have traps for the unwary so assure yourself that you understand all the issues. Specifically, make sure return traffic isn'

Re: Too many connections on the same IP

2015-03-04 Thread /dev/rob0
On Wed, Mar 04, 2015 at 09:47:59AM +0100, stefan.las...@t-systems.com wrote: > Are you using iptables Firewall? > Does the problem only occur on UDP connections to the problematic > IP? Or also on TCP connections to the same IP? > > I had similar problems (not with bind) when the connection ta

R: Too many connections on the same IP

2015-03-04 Thread Job
Hello Stefan, and thank you for the reply. >>Are you using iptables Firewall? >>Does the problem only occur on UDP connections to the problematic IP? Or also >>on TCP >>connections to the same IP? At the beginning, i thought was an iptables-behind-firewall problem and i made massive dns resolut

AW: Too many connections on the same IP

2015-03-04 Thread Stefan.Lasche
.org Betreff: R: Too many connections on the same IP I tried to tune kernel, with SOMAXCONN but with no solutions! When DNS queries raise up over 300 queries per second, bind has huge timeouts and often does not respond. If i work on an ip alias, everything is right! it seems bind has some limit

Re: R: Too many connections on the same IP

2015-03-03 Thread Hugh Greenberg
[bind-users-boun...@lists.isc.org] per > conto di Job [j...@colliniconsulting.it] > Inviato: martedì 3 marzo 2015 11.43 > A: bind-users@lists.isc.org > Oggetto: Too many connections on the same IP > > Hello, > > during a massive DNS utilization our Bind 9.10.1-P1 seems not

R: Too many connections on the same IP

2015-03-03 Thread Job
? Thank you again! Francesco Da: bind-users-boun...@lists.isc.org [bind-users-boun...@lists.isc.org] per conto di Job [j...@colliniconsulting.it] Inviato: martedì 3 marzo 2015 11.43 A: bind-users@lists.isc.org Oggetto: Too many connections on the same IP

Re: Too many connections on the same IP

2015-03-03 Thread Matus UHLAR - fantomas
On 03.03.15 11:43, Job wrote: during a massive DNS utilization our Bind 9.10.1-P1 seems not to resolve anymore, neither local zone. We shutdown one of the two nodes and all queries arrived only on one node. CPU and memory load were not too overloaded, machine was quite fine. After some fast te

Too many connections on the same IP

2015-03-03 Thread Job
Hello, during a massive DNS utilization our Bind 9.10.1-P1 seems not to resolve anymore, neither local zone. We shutdown one of the two nodes and all queries arrived only on one node. CPU and memory load were not too overloaded, machine was quite fine. After some fast tests, i noticed that if f